QwikSec

Security Database

CVE

CWE

Training

CVE-2022-36310

Published: Aug 16, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

Airspan AirVelocity 1500 software prior to version 15.18.00.2511 had NET-SNMP-EXTEND-MIB enabled on its snmpd service, enabling an attacker with SNMP write abilities to execute commands as root on the eNodeB. This issue may affect other AirVelocity and AirSpeed models.

Vendor	Product	Versions
Airspan	AirVelocity	affected `unspecified - < 15.18.00.2511`

Weaknesses (CWE)

References

https://helpdesk.airspan.com/browse/TRN3-1689

x_refsource_CONFIRM

https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-whc6-2989-42xm

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.